As a data point, when running EasyApache, I started seeing piles of "auth failed" messages in maillog, which caused customer IPs to be blocked in CSF due to LFD (login failure detection. Had a rash of customers opening tickets due to not being able to check mail or see their sites (due to IP blocks).

- Scott

If this post helped, click the Like icon!

Stop hovering to collapse...Click to collapse...Hover to expand...Click to expand...

Scott and I were doing EA builds on our servers at the same time, well nearly. Right after he did his I did mine. I experienced the same exact thing. We are not hallucinating.

a. It occurred [for me] on boxes running Dovecot
b. It did not occur [for me] on the one box I had running Courier

I don't know if it automatically "fixed" itself after the build was done, because after the builds were done I restarted exim/dovecot on the servers just to be sure it was authenticating.

BTW -- the only reason CSF is involved in the discussion is because when normally authenticating clients start to fail authentication, our CSF setups start temp-blocking the IPs that are failing auth.

What is really being reported here is that from start-to-finish of a build, it seems like Dovecot stopped authenticating. I only updated one Courier box, but the Courier box didn't suffer from the same thing.

Mike

The eyes are the windows of your face

Stop hovering to collapse...Click to collapse...Hover to expand...Click to expand...

As an update to this, our support team could not reproduce this. Scott was asked to try running EA again and was also unable to reproduce the issue. If anyone can reproduce this again, please do let us know and please open a ticket using the link in my signature.